We are blocking UAC (User Account Control).


We are displaying the names of all active windows in Windows.


We write kernel driver - we are deleting files.


We are writing a Worm


In this article, we'll look at how Clipboard works and focus on copied or cut data that we capture.

Introduction to Alternate Data Stream (ADS)


Today we’ll take a closer look at how the content of infected libraries is running into running processes, or how to deploy moduls - Inline Hooking Dll. 

Encrypting the content of files via file infector .


In this example, I will show - describe the way the malware module works, namely the keylogger.

In this example, I will use the option HOOKING, specificl fuctnions called CallBack.


By continuing the article Inline Hook DLL, today we will introduce the method of hooking code through the Import Access Table.